PSA: Do your due diligence on ALL surveillance DVRs and Cameras!!
Security Sage
striker1
posted
Just a friendly advisory. Two of the largest makers of IP surveillance equipment have recently had numerous problems with malware-infected cameras and DVRs. However, this has been an industry problem for many years since the rapid growth of the so-called IoT.

one article -- https://ipvm.com/reports/hik-backdoor

If you own a network-connected DVR or IP cameras, or any new-fangled internet-connected device, you really ought to investigate firmware updates and make sure you don't have a vulnerable device. Often, but not always, your home network firewall or "endpoint" solution will catch these threats.

I recently have intercepted two IP cameras (one HikVision and one ELP/Dahua) with malicious web toolkits embedded in the firmware.



RB

Cancer fighter (Non-Hodgkins Lymphoma) since 2009, now fighting Diffuse Large B-Cell Lymphoma.


 
Posts: 7133 | Location: Michiana | Registered: March 01, 2005
Raised Hands Surround Us
Three Nails To Protect Us
Black92LX
posted
Can you point us folks who don't have much clue about these things how you go about checking one's cams for this malicious software?

I have a Dahua and Amcrest cam with plans to add more Dahuas.


————————————————
The world's not perfect, but it's not that bad.
If we got each other, and that's all we have.
I will be your brother, and I'll hold your hand.
You should know I'll be there for you!
 
Posts: 25418 | Registered: September 06, 2003
Security Sage
striker1
posted
I would suggest downloading a copy of Nessus Home, for starters. Run your own vulnerability and penetration tests.

Check IP camera and NVR/DVR model numbers against the manufacturer website and/or Google for bulletins. If newer firmware is available, it’s probably a good idea to update.

If your AV solution is good and is actively scanning all traffic, just logging into the device's webpage might reveal potential exploits or malware. Remember, the danger is not in the AV catching the threat, but actually clicking on a box that says “[device] needs permission to install a plugin or run an ActiveX object.”



RB

Cancer fighter (Non-Hodgkins Lymphoma) since 2009, now fighting Diffuse Large B-Cell Lymphoma.


 
Posts: 7133 | Location: Michiana | Registered: March 01, 2005